Privacy Policy

We are very pleased about your interest in our company. Data protection has a particularly high priority for the management of Alexandra Sigg. The use of the websites of face-of-elgouna.com is generally possible without providing any personal data. However, if a data subject wishes to use special services of our company via our website, processing of personal data may become necessary. If the processing of personal data is required and there is no legal basis for such processing, we generally obtain the consent of the data subject.

The processing of personal data, for example the name, address, email address, or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation (GDPR) and in accordance with the country-specific data protection regulations applicable to Alexandra Sigg. With this privacy policy, our company aims to inform the public about the nature, scope, and purpose of the personal data we collect, use, and process. Furthermore, this privacy policy informs data subjects of their rights.

Alexandra Sigg, as the data controller, has implemented numerous technical and organizational measures to ensure the most complete protection possible of personal data processed via this website. Nevertheless, internet-based data transmissions can generally have security vulnerabilities, so absolute protection cannot be guaranteed. For this reason, each data subject is free to transmit personal data to us via alternative methods, such as by telephone.

Definitions

The privacy policy of Alexandra Sigg face-of-elgouna.com is based on the terms used by the European legislator when enacting the GDPR. Our privacy policy is intended to be easily readable and understandable for both the public and our customers and business partners. To ensure this, we will first explain the terminology used.

We use, among others, the following terms in this privacy policy:

a) Personal Data
Personal data means any information relating to an identified or identifiable natural person (hereinafter „data subject“). An identifiable natural person is one who can be identified, directly or indirectly, particularly by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

b) Data Subject
Data subject is any identified or identifiable natural person whose personal data is processed by the controller.

c) Processing
Processing is any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

d) Restriction of Processing
Restriction of processing is the marking of stored personal data with the aim of limiting its future processing.

e) Profiling
Profiling means any form of automated processing of personal data consisting of using personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning work performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

f) Pseudonymization
Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

g) Controller
Controller or data controller is the natural or legal person, public authority, agency, or other body that, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of processing are determined by Union or Member State law, the controller may be designated according to criteria set forth by Union or Member State law.

h) Processor
Processor is a natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.

i) Recipient
Recipient is a natural or legal person, public authority, agency, or another body to which personal data are disclosed, whether a third party or not. Authorities that may receive personal data in the context of a particular inquiry under Union or Member State law are not considered recipients.

j) Third Party
Third party is a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, or persons authorized to process personal data under the direct authority of the controller or processor.

k) Consent
Consent of the data subject means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they signify agreement to the processing of personal data relating to them, either by a statement or by a clear affirmative action.

Name and Address of the Controller

Controller in the sense of the GDPR, other data protection laws of the EU Member States, and other data protection regulations is:

Alexandra Sigg 

face-of-elgouna.com
Scheffelstr. 39
79199 Kirchzarten
Germany
Tel.: +49 172 8423737
Email: info@alexandra-sigg.de
Website: face-of-elgouna.com

Cookies

The websites of face-of-elgouna.com use cookies. Cookies are text files that are stored on a computer system via an internet browser.

Many websites and servers use cookies. Many cookies contain a so-called cookie ID, a unique identifier that allows websites and servers to assign the browser in which the cookie was stored. This allows the visited websites and servers to distinguish the individual browser of the data subject from other browsers that contain other cookies.

By using cookies, face-of-elgouna.com can provide users of this website with more user-friendly services that would not be possible without setting cookies. Cookies allow us, as mentioned, to recognize the users of our website. The purpose of this recognition is to make it easier for users to use our website—for example, they do not need to enter login data every time they visit, or items placed in an online shopping cart are remembered via a cookie.

Data subjects can prevent the setting of cookies at any time via their browser settings and can delete already set cookies at any time. If cookies are disabled, some functions of our website may not be fully available.

Collection of General Data and Information

Each visit to the website by a data subject or automated system collects general data and information, which are stored in server log files. This may include:

  1. Browser types and versions used

  2. Operating system of the accessing system

  3. The website from which an accessing system reaches our site (referrer)

  4. The subpages accessed

  5. Date and time of access

  6. IP address

  7. Internet service provider of the accessing system

  8. Other similar data and information for security purposes

These data are not used to identify the data subject but to:

  • Deliver content correctly

  • Optimize our website and advertising

  • Ensure long-term functionality of IT systems

  • Provide information to law enforcement in case of cyberattacks

Registration on Our Website

Users may register on the website by providing personal data. These data are used solely for internal purposes. IP addresses, date, and time of registration are also stored to prevent misuse. Users may access, correct, or delete their personal data at any time.

Newsletter

Users may subscribe to our newsletter. Personal data is used exclusively for sending the newsletter and not shared with third parties. Double opt-in confirmation is used to ensure consent. Newsletter emails may include tracking pixels to analyze opening and click behavior, solely to improve content and delivery. Users may unsubscribe at any time.

Contact via Website

The website provides means for direct electronic contact. Any personal data submitted via email or contact form are stored only to handle inquiries and are not shared with third parties.

Blog Comments

Users may leave comments on blog posts. The system stores the comment, username, and IP address for security reasons. No data is shared unless legally required or for legal defense.

Routine Deletion and Blocking of Personal Data

Personal data is stored only as long as necessary or as required by law. Once the storage purpose expires, data is routinely deleted or blocked.

Rights of Data Subjects

a) Right to confirmation – Users can request confirmation whether their data is processed.
b) Right to access – Users can obtain all stored data and details about processing.
c) Right to rectification – Users can request correction of inaccurate or incomplete data.
d) Right to erasure (“right to be forgotten”) – Users can request deletion of personal data under certain conditions.
e) Right to restriction of processing – Users can request limiting processing in specific circumstances.
f) Right to data portability – Users can receive their data in a structured, machine-readable format and transmit it to another controller.
g) Right to object – Users can object to data processing based on specific circumstances or for direct marketing.
h) Automated decision-making, including profiling – Users have the right not to be subject to decisions based solely on automated processing, except in certain cases.
i) Right to withdraw consent – Users can withdraw consent for data processing at any time.

Legal Basis for Processing

Processing is based on:

  • Consent (Art. 6 I lit. a GDPR)

  • Contract fulfillment (Art. 6 I lit. b GDPR)

  • Legal obligations (Art. 6 I lit. c GDPR)

  • Vital interests (Art. 6 I lit. d GDPR)

  • Legitimate interests (Art. 6 I lit. f GDPR)

Legitimate Interests

Legitimate interests include the operation of our business for the benefit of employees and stakeholders.

Data Retention

Personal data is stored according to statutory retention periods. After this period, data is routinely deleted unless still required for contract fulfillment.

Provision of Data and Consequences of Non-Disclosure

Providing personal data may be legally or contractually required. Non-provision may result in inability to conclude contracts.

Automated Decision-Making

We do not use automated decision-making or profiling.

This privacy policy was created using the DGD Deutsche Gesellschaft für Datenschutz GmbH Privacy Policy Generator in cooperation with the media law firm WILDE BEUGER SOLMECKE.